Commexis Cast Daily – Apr. 05, 2018: Zuckerberg Says Most Facebook User Should Assume Their Data Has Been Compromised

Today’s Commexis Cast discusses a recent comment from Facebook Inc. Chief Executive Mark Zuckerberg that most of Facebook’s 2+ billion users should assume their public profile information has been compromised at some point. Katie Canales on Business Insider has a great explanation of what data could have been taken by bad actors, as well as ways that you can protect yourself from the scrapers in the future. Here’s a rundown of what the minimum amount of info that can be gathered from your “Public Profile”:

  • Name
  • Gender
  • Username and user ID (which is in your profile’s URL)
  • Profile Picture
  • Cover Photo
  • Age range (under 18, 18-21, and over 18)

What’s important to remember in this discussion is how basic this information is, and how public Facebook profiles are. Facebook uses this basic information to help you see content that’s age appropriate (in the case of your age), and the rest is to help users connect with one another. However, there was still one form of abuse that scammers were able to take on the system. If you had a setting that linked your e-mail or phone number to your Facebook account, and allowed other users to find you with that information, scrapers were able to tie that e-mail or phone number to the gathered information from your Facebook profile.

Facebook CTO Mark Schroepfer explained this in a blog post yesterday:

“However, malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery. Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way.”

In addition, you can find more information on ways Facebook plans on changing their privacy settings, and ways you can better protect yourself, in that same blog post.

Mark Zuckerberg confirmed these numbers in a press call yesterday, saying, “I would assume if you had that setting turned on that someone at some point has access to your public information in some way.”

One thing Matt and Phillip pointed out was the basic kind of information gathered. That same kind of information could be gathered by a phone book, for example. On the other hand, the e-mail and phone number linking is a little more advanced and malicious. And the information available to be gathered increased if your profile and posts are completely public. In that case, it’s safe to assume any of your information posted was able to be compromised.

Unfortunately, this is just one more example of the cost of using free services on the internet, and of posting information in a publicly available space. There is always a chance of someone taking publicly available information and using it ways you wouldn’t expect (such as to send you spam phone calls).

Today’s cast: Phillip Brooks (Commexis Lead Strategist) and Matthew McGrorty (Commexis Videographer/Podcaster).

Join the Commexis team as we add context to these stories for the busy CMO. All the news you need to know–from our inbox to yours.

Tune in to more of the Commexis Cast Daily by checking out our YouTube and Soundcloud.

Join the Commexis mailing list